package com.bupt.cad.controller;


import com.bupt.cad.auth.ValidateCode;
import com.bupt.cad.constant.LoginConstant;
import org.apache.commons.lang.StringUtils;
//import org.apache.shiro.SecurityUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.io.IOException;

@RestController
public class ValidateController {
    /**
     * 生成验证码
     * @param request
     * @param response
     * @throws IOException
     * @ValidateCode.generateTextCode(验证码字符类型,验证码长度,需排除的特殊字符)
     * @ValidateCode.generateImageCode(文本验证码,图片宽度,图片高度,干扰线的条数,字符的高低位置是否随机,图片颜色,字体颜色,干扰线颜色)
     */
    @RequestMapping(value = "validateCode")
    public void validateCode(HttpServletRequest request, HttpServletResponse response) throws IOException {
        response.setHeader("Cache-Control", "no-cache");
        String verifyCode = ValidateCode.generateTextCode(ValidateCode.TYPE_NUM_LOWER, 4, null);
        request.getSession().setAttribute("validateCode", verifyCode);
        response.setContentType("image/jpeg");
        BufferedImage bim = ValidateCode.generateImageCode(verifyCode, 90, 30, 5, true, Color.WHITE, Color.BLUE, null);
        ImageIO.write(bim, "JPEG", response.getOutputStream());
    }
//    /**
//     * 登录请求
//     * @param
//     */
//    @RequestMapping(value = "login", method = RequestMethod.POST, produces = "text/html; charset=utf-8")
//    public String login(HttpServletRequest request, HttpServletResponse response, UserEntity user) {
//        //首先进行验证码验证
//
//        Session session = SecurityUtils.getSubject().getSession();
//        String code = (String) session.getAttribute("validateCode");
//        String submitCode = WebUtils.getCleanParam(request, "validateCode");
//        if (StringUtils.isEmpty(submitCode) || !StringUtils.equals(code,submitCode.toLowerCase())) {
//            request.setAttribute("LOGIN_ERROR_CODE", LoginConstant.LOGIN_ERROR_CODE_100000);
//            request.setAttribute("LOGIN_ERROR_MESSAGE", LoginConstant.LOGIN_ERROR_MESSAGE_VALIDATECODE);
//            return "login";
//        }
//        // 想要得到 SecurityUtils.getSubject() 的对象．．访问地址必须跟shiro的拦截地址内．不然后会报空指针
//        Subject sub = SecurityUtils.getSubject();
//        // 用户输入的账号和密码,,存到UsernamePasswordToken对象中..然后由shiro内部认证对比,
//        // 认证执行者交由ShiroDbRealm中doGetAuthenticationInfo处理
//        // 当以上认证成功后会向下执行,认证失败会抛出异常
//        UsernamePasswordToken token = new UsernamePasswordToken(user.getAccountName(), user.getPassWord());
//        try {
//            sub.login(token);
//        } catch (LockedAccountException lae) {
//            token.clear();
//            request.setAttribute("LOGIN_ERROR_CODE", LoginConstant.LOGIN_ERROR_CODE_100002);
//            request.setAttribute("LOGIN_ERROR_MESSAGE", LoginConstant.LOGIN_ERROR_MESSAGE_SYSTEMERROR);
//            return "login";
//        } catch (ExcessiveAttemptsException e) {
//            token.clear();
//            request.setAttribute("LOGIN_ERROR_CODE", LoginConstant.LOGIN_ERROR_CODE_100003);
//            request.setAttribute("LOGIN_ERROR_MESSAGE","账号：" + user.getUserName() + LoginConstant.LOGIN_ERROR_MESSAGE_MAXERROR);
//            return "login";
//        } catch (AuthenticationException e) {
//            token.clear();
//            request.setAttribute("LOGIN_ERROR_CODE", LoginConstant.LOGIN_ERROR_CODE_100001);
//            request.setAttribute("LOGIN_ERROR_MESSAGE", LoginConstant.LOGIN_ERROR_MESSAGE_USERERROR);
//            return "login";
//        }
//        return "redirect:/index.shtml";
//    }
}
